Computer systems, from small handheld electronic devices to medium-sized mobile and desktop systems to large servers and workstations, are becoming increasingly pervasive in our society. As such, people are becoming more reliant on computer systems to store and access information, much of which may be confidential. To maintain the confidentiality of this information, some computer systems may be voluntarily “locked” or “secured” by a user. When a computer system is locked, access to the computer system may be limited. This not only serves to maintain the confidentiality of information stored on the computer system but also deters theft of the computer system.
One way in which access to a computer system may be limited is by password-protecting the system. In a password-protected computer system, access to the system is only granted to a user that enters a proper password. One advantage to this type of protection mechanism is that the user need not carry special security devices, such as keys or cards, to gain access to the computer system. The user need only remember a password. Another advantage to this type of protection is that different levels of access may be granted according to the password entered.
Unfortunately, password-protected computer systems may not be secure. There are a number of ways to crack a password-protected computer system. For example, a thief or spy may surreptitiously observe a user when the user enters their password. Later, the thief may simply steal the computer system, confident in the knowledge that the system can be unlocked by the thief by entering the observed password. This security problem is particularly of concern to mobile computer users. Alternatively, the spy may log onto the computer system in the user's absence using the observed password. The spy may then access confidential information without the user knowing that their security has ever been compromised.
The present invention addresses this and other problems associated with the prior art.